TripleCyber aggregates network security events and analyse them in its advance, proprietary analysis engine to detect cyber attacks patterns at different attack stages. The solutions commonly available typically indicate a vast amount of alerts/events in the company it network. What is needed is not the quantity, but the capability to differentiate between false and positive alerts and to correctly identify a new and sophisticated form of cyber threat or attack.

The solution includes a threat continuous analysis process, provided as a centralized service to multiple customers.
This connection method makes the integration with the customer an easy process with no hardware and no software installation at the customer’s network.
The TripleCyber solution downsize the number of events that requires handling from thousands to only 5-10 critical. The result is an important reduction of at least 70% in reaction time to those critical events.
Less analysts’ manpower is required to handle those fewer events, leading to at least 50% reduction on labor cost.

Under those circumstances, TripleCyber is leveraging the experience gained from other customer attacks to share security intelligence.

TripleCyber analysis and correlation engine is designed to detect critical cyber threats from the aggregation and analysis of a series of alerts that would be considered low-profile and ignored by other technologies. With Big Data analysis capability the correlation engine generates meta-data analysis giving visibility to early attack phase formations from data and event analysis aggregated from all its of customers. The capability to identify different phases of the attack process additionally draws on global network events and includes reconnaissance & information gathering, exploitation & penetration, command & control and data extraction.